Login user by username/email and password.
POST/api/v5/auth/login
Login user by username/email and password.
Request
Responses
- 200
- 400
- 401
- 500
- default
Login successful.
Response Headers
- MMAUTHTOKEN string User access token.
- MMUSERID string User ID.
- MMCSRF string CSRF token.
Setcookie
Set-Cookie header:
Token
Bad Request, ErrorInfo.Reason list:
- CREDENTIALS_MISSING - login_id or password is missing
- CREDENTIALS_INVALID - login_id or password is invalid
- GUESTS_DISABLED - guest login is disabled
- LOGIN_DISABLED - login by username/email is disabled
- LOGIN_BAD_AUTH_SERVICE - user has another auth service type
- MFA_NO_PHONE - user has no phone to challenge mfa
Unauthenticated, ErrorInfo.Reason list:
- LOGIN_USER_DEACTIVATED - user is deactivated
- LOGIN_AS_BOT - login as bot is disabled
- LOGIN_TOO_MANY_ATTEMPTS - too many login attempts
- EMAIL_NOT_VERIFIED - user email is not verified
- MFA_TOTP_REQUIRED - user has enabled MFA, but no MFA code provided
- MFA_INVALID_CODE - invalid MFA code
- MFA_EXPIRED_CODE - expired MFA code, resend code to continue
- MFA_CHALLENGE - user should pass MFA, server sent sms to hallenge.
- LICENSE_USERS_LIMIT - users count reach limit defined in license
Reason: MFA_CHALLENGE
rrorInfo.Metadata:
- challenge_id: Challenge ID
- status: Challenge status: SENT | LIMIT_EXCEEDED | LIMIT_LOCKED
- masked_phone: Masked phone number to sent sms
- next_attempts_seconds: Seconds to next challenge
- limit_quota_exceeded: Count of exceeded attempts. Return when tatus is LIMIT_LOCKED.
Internal server error
An unexpected error response.